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Attorneys for Defendant 
MICROSOFT CORPORATION 


UNITED STATES DISTRICT COURT 
NORTHERN DISTRICT OF CALIFORNIA 
OAKLAND DIVISION 


INTERTRUST TECHNOLOGIES 
CORPORATION, a Delaware corporation, 

Plaintiff, 


MICROSOFT CORPORATION, a 
Washington Corporation, 

Defendant 


CASE NO: C 01-1640 SBA 

MICROSOFT CORPORATION'S 
FIRST AMENDED ANSWER AND 
COUNTERCLAIMS TO THE SECOND 
AMENDED COMPLAINT 


Defendant Microsoft Corporation ("Microsoft") answers the Second Amended 
Complaint of InterTrust Technologies Corporation ("InterTrust") as follows: 

1 . Microsoft admits that the Second Amended Complaint purports to state a 
cause of action under the patent laws of the United States, 35 United States Code, §§ 271 and 


28 hoi. Microsoft denies that it has infringed or now infringes the patents asserted against Microsoft 
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i the Second Amended Complaint. Microsoft denies any and all remaining allegations of 
aragraph 1 of the Second Amended Complaint. 

2. Microsoft admits that the Second Amended Complaint purports to state a 
ause of action over which this Court has subject matter jurisdiction under 28 U.S.C. §§ 1331 and 
338(a). 

3 . Microsoft admits, for purposes of this action only, that venue is proper in 
his judicial districL Microsoft denies any and all remaining allegations of paragraph 3 of the 

Second Amended Complaint 

4. Upon information and belief, Microsoft admits the allegations of paragraph 

t of the Second Amended Complaint 

5. Microsoft admits the allegations of paragraph 5 of the Second Amended 

Complaint. 

6. Microsoft admits, for purposes of this action only, that it transacts business 
n this judicial district. Microsoft denies any and all remaining allegations of paragraph 6 of the 
Second Amended Complaint. 

7. Microsoft admits that on its face the title page ofU.S. Patent No. 6,185,683 
31 ("the '683 Patent") states that it was issued February 6, 2001, is entitled "Trusted and secure 
echniques, systems and methods for item delivery and execution," and lists "InterTrust 
rechnologies Corp." as the assignee.. Microsoft admits that a copy of the '683 Patent was 
mached to the copy of the Second Amended Complaint delivered to counsel for Microsoft, but 
Jenies that such copy was full and complete insofar as it did not include any material purportedly 
ncorporated by reference therein. Microsoft denies that the '683 Patent was duly and lawfully 
issued. Microsoft further denies any and all remaining allegations of paragraph 7 of the Second 

Amended Complaint. 

8. Microsoft admits that on its face the title page of U.S. Patent No. 6,253,193 
Bl ("the '193 Patent") states that it was issued June 26, 2001, is entitled "Systems and memods 
for the secure transaction management and electronic rights protection I , ' and lists "InterTrust 
Technologies Corporation" as the assignee. Microsoft admits that a copy of text associated with 
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I the -193 Patent was attached to the copy of the Second Amended Complaint delivered to counsel 
for Microsoft, but denies that such copy was full and complete as it did not include, among other 
things, any of the drawings or figures. Microsoft further denies such copy was mil and complete 
insofar as it did not include any material purportedly incorporated by reference therein. Microsoft 
denies that the ' 193 Patent was duly and lawfully issued. Microsoft further denies any and all 
remaining allegations of paragraph 8 of the Second Amended Complaint. 
9. Microsoft admits that on its face the title page of U.S. Patent No. 5,940,504 
| ("the '504 Patent") states that it was issued August 17, 1999 and is entitled "licensing 
management system and method in which datagrams including an addressee of a licensee and 
indicative of use of a licensed product are sent from the licensee's site." Microsoft admits that a 

11 I copy of the '504 Patent was attached to the copy of the Second Amended Complaint delivered to 

12 counsel for Microsoft. Microsoft denies that the '504 Patent was duly and lawfully issued. 
Microsoft further denies any and all remaining allegations of paragraph 9 of the Second Amended 
Complaint. 

10. Microsoft admits that on its face the title page of U.S. Patent No. 5,920,861 
("the '861 Patent") states that it was issued July 6, 1999, is entitled "Techniques for defining, 
using and manipulating rights management data structures," and lists "InterTrast Technologies 
Corp." as the assignee. Microsoft admits that a copy of the '861 Patent was attached to the copy 
of the Second Amended Complaint delivered to counsel for Microsoft, but denies that such copy 
was full and complete insofar as it did not include any material purportedly incorporated by 
reference therein. Microsoft denies that the '861 Patent was duly and lawfully issued. Microsoft 
further denies any and all remaining allegations of paragraph 10 of the Second Amended 
Complaint. 

1 1 . Microsoft repeats and reasserts its responses to paragraphs 1 -7 of the 
Second Amended Complaint, as if fully restated herein. 

12. Microsoft admits that the Second Amended Complaint purports to state a 
cause ©faction under 35 U.S.C §§271 and 281. Microsoft denies that it has infringed or now 

28 ^fringes foe 
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1 [denies any 


and aU remaining allegations of paragraph 12 of the Second Amended Complaint 
13. Microsoft denies any and all allegations of paragraph 13 of the Second 


Amended Complaint 

14. Microsoft denies any and all allegations of paragraph 14 of the Second 


5 I Amended Complaint 

6 | 15 . Microsoft denies any and all allegations of paragraph 15 of the Second 

7 | Amended Complaint. 

g I i6. Microsoft denies any and all allegations of paragraph 16 of the Second 

9 J Amended Complaint 

10 I 17. Microsoft denies any and all allegations of paragraph. 17 of the Second 

1 1 Amended Complaint 

1 8. Microsoft repeats and reasserts its responses to paragraphs 1 -6 and 8 of the 

Second Amended Complaint, as if fully restated herein. 

19. Microsoft admits that the Second Amended Complaint purports to state a 
cause of action under 35 U.S.C. §§ 271 and 281. Microsoft denies that it has infringed or now 
infringes the patents asserted against Microsoft in the Second Amended Complaint. Microsoft 
denies any and all remaining allegations of paragraph 19 of the Second Amended Complaint 

20. Microsoft denies any and all allegations of paragraph 20 of the Second 
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Amended Complaint. 

21 . Microsoft denies any and all allegations of paragraph 21 of the Second 


21 U Amended Complaint 
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22. Microsoft denies any and all allegations of paragraph 22 of the Second 

Amended Complaint. 

23 . Microsoft denies any and all allegations of paragraph 23 of the Second 

Amended Complaint. 

24. Microsoft denies any and all allegations of paragraph 24 of the Second 

Amended Complaint 
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25. Microsoft repeats arid reasserts its responses to paragraphs 1-6 and 9 of the 
2 | Second Amended Complaint, as if fully restated herein. 

26. Microsoft admits tiiat the Second Amended Complaint purports to state a 
cause of action under 35 U.S.C. §§ 271 ajid 281 . Microsoft denies that it has infringed or now 
infringes the patents asserted against Microsoft in the Second Amended Complaint. Microsoft 
denies any and all remaining allegations 6f paragraph 26 of the Second Amended Complaint 

27. Microsoft denies any and all allegations of paragraph 27 of the Second 

Amended Complaint. 

28 Microsoft denies any and all allegations of paragraph 28 of the Second 

i 

i 

Amended Complaint. j 

29. Microsoft denies Ly and all allegations of paragraph 29 of the Second 

Amended Complaint. 

30. Microsoft denies any and all allegations of paragraph 30 of the Second 

Amended Complaint. 

3 1 . Microsoft denies any and all allegations of paragraph 3 1 of the Second 

Amended Complaint. 

32. Microsoft repeatsjand reasserts its responses to paragraphs 1-6 and 10 of 
the Second Amended Complaint, as if fully restated herein. 

33. Microsoft admits that the Second Amended Complaint purports to state a 
cause of action under 35 U.S.C. §§ 271 and 281. Microsoft denies that it has infringed or now 
infringes the patents asserted against Microsoft in the Second Amended Complaint Microsoft 
denies any and all remaining allegations! of paragraph 33 of the Second Amended Complaint. 

34. Microsoft denies 'any and all allegations of paragraph 34 of the Second 

i 

Amended Complaint. j 

35. Microsoft denies any and all allegations of paragraph 35 of the Second 

Amended Complaint. 

36. Microsoft denies any and all allegations of paragraph 36 of the Second 
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37. Microsoft denies aay and all allegations of paragraph 37 of the Second 

\mended Complaint. 

38. Microsoft denies any and all allegations of paragraph 38 of the Second 

Amended Complaint. 

AFFIRMATIVE AND OTHER D EFENSES 
Further answering the Second Amended Complaint, Microsoft asserts the 
Following defenses. Microsoft reserves the right to amend its answer with additional defenses as 

further information is obtained. 

First Defense: Noninfringement of the Asse rted Patents 

1 . Microsoft has not infringed, contributed to the infringement of, or induced 
the infringement of U.S. Patent No. 6,185,683 Bl ("the '683 Patent"), US. Patent No. 6,253,193 
Bl ("the '193 Patent"), U.S. Patent No. 5,940,504 ("the '504 Patent") or U.S. Patent No. 
5,920,861 ("the '861 Patent"), and is not liable for infringement thereof. 

2. Any and all Microsoft products or actions that are accused of infringement 
have substantial uses that do not infringe and therefore cannot induce or contribute to the 
infringement of the '683 Patent, the '193 Patent, the '504 Patent or the '861 Patent. 

Second Defense: Invalidity of the A sserted Patents 

3. On information and belief, the '683 Patent, the ' 193 Patent, the «504 Patent 
and the '861 Patent are invalid for failing to comply with the provisions of the Patent Laws, Title 
35 U.S.C., including without limitation one or more of 35 U.S.C §§ 102, 103 and 1 12. 

Third Defense; Unavailability of Relief 

4. On information and belief. Plaintiff has failed to plead and meet the 
requirements of 35 U.S.C. § 271(b) and is not entitled to any alleged damages prior to providing 
any actual notice to Microsoft of the '683 Patent, the ' 193 Patent, the '504 Patent or the '861 
Patent. 

Fourth Defense: Unavailability of Relief 

5 . On information and belief, Plaintiff has failed to plead and meet the 

1 requirements of 35 U.S.C. § 284 for enhanced damages and is not entitled to any damages prior to 
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, providing any actual notice to Microsoft of the '683 Patent, the '193 Patent, the '504 Patent, 
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and/or the '86 1 Patent, and any alleged infringement thereof. 

Fifth Defense! Unavail ability of Relief 
6. On information and belief, Plaintiffhas foiled to plead and meet the 
requirements of 35 U.S-C § 287, and has otherwise failed to show that it is entitled to any 


damages. 

Sirth Defense: Prosecution History E stoppel 

7. Plaintiffs alleged causes of action for patent infringement are baired under 
the doctrine of prosecution history estoppel, and Plaintiff is estopped from claiming that the '683 

10 I Patent, the * 193 Patent, the '504 Patent, and/or the '861 Patent covers or includes any accused 

1 1 I Microsoft product or method- 

Seveoth Defense: Dedication to th e Public 

8. Plaintiffhas dedicated to the public all methods, apparatus, and products 
disclosed in the '683 Patent, the ' 193 Patent, the '504 Patent, and/or the '861 Patent, but not 
literally claimed therein, and is estopped from claiming infringement by any such public domain 
methods, apparatus, and products. 

Eighth Defense: Use/Manufacture Bv/For United Sta tes Government 

9. To the extent that any accused product has been used or manufactured by 
or for the United States, Plaintiffs claims and demands for relief are barred by 28 U.S.C § 1498, 

Ninth Defense: License 

10. To the extent that any of Plaintiffs allegations of infringement are 
premised on the alleged use, sale, or offer for sale of products that were manufactured by or for a 
licensee of JnterTrust and/or provided by or to Microsoft to or by a licensee of InterTrust, such 
allegations are barred pursuant to license. 

Tenth Defense; Acquiescence 

1 1 . Plaintiff has acquiesced in at least those acts of Microsoft that are alleged 
27 I to infringe the *861 Patent, the '683 Patent, and the '193 Patent. 
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Eleventh Defense: Laches 

1 2. Plaintiff's claims fof relief are barred, in whole or in part, by the equitable 

! 

doctrine of laches. ! 

Twelfth Defense; Inequitab le Conduct 

13. The *861 Patent claims are unenforceable due to inequitable conduct, 


6 including those acts and failures to act setforth in Microsoft's Counterclaim for Declaratory 


Judgment of Unenforceability of the '861 Patent, set forth below. 

COUNTERCLAIMS 

COUNT I - DECLARATORY 
JUDGMENT OF NONINF RINGEMENT 

1 . This action arises trader the patent laws of the United States, Title 35 

12 1 U.S.C. §§ 1, et seq. This Court has subject matter jurisdiction over this counterclaim under 28 

13 |u.S.C.§§ 1338, 2201, and 2202. 


7 
8 
9 
10 
11 


2. Microsoft Corporation ("Microsoft") is a Washington corporation with its 

i 

principal place of business in Redmond, Washington. 

3. Upon information and belief, Plaintiff /Counterclaim Defendant IoterTnxst 
Technologies Corporation ("InterTrust") is a Delaware corporation with its principal place of 
business in Santa Clara, California. 

4. InterTrust purports to be the owner of U.S. Patent Nos. 6,185,683 Bl ("the 
'683 Patent"), 6,253,193 Bl ("the '»93 pUnt"), 5.940,504 ("the '504 Patent"), and 5,920,861 

i i 

("the '861 Patent"). ! | 

; i 

5. InterTrust alleges that Microsoft has infringed the '683 Patent, the * 193 

Patent, the '504 Patent, and the '861 Patent. 

6. No Microsoft product has infringed, either directly or indirectly, any claim 

25 of the '683 Patent, the '193 Patentee '504 Patent, or the '861 Patent, and Microsoft is not liable 

26 | for infringement thereof. 
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7. Ai) a ctu a lcontroversy,withintheme a mngof28US.C.§§220i a nd2202, 
I exists between Microsoft, on the one hand, and InterTrust, on tbe other hand, with respect to the 
infringement or noninfringement of the '683 Patent, the ■ 193 Patent, the '504 Patent, and/or the 

4 J '861 Patent. 

5 I COUNT H- DECLARATORY 
JUDGMENT CIV INVALIDITY OF THE '683 PATENT 

6 " 

7 I 8. Microsoft repeats and realleges paragraphs 1-5 of its Counterclaims, as if 

8 1 fully restated herein. 

9 I 9 The * 683 Patent, and each claim thereof, is invalid for failing to comply 

10 I with the provisions of the Patent Laws, including one or more of 35 U.S.C. §§ 102, 103 andll2. 

11 |. 1 0. An actual controversy, within the meaning of 28 U.S.C. §§2201 and 2202, 

exists between Microsoft, on the one hand] and InterTnist, on the other hand, with respect to 

whether the claims of the '683 Patent are Valid or invalid. 

COUNT JTJ - DECLARATORY 
JUDGMENT OF INVALIDITY OF THE '19 3 PATENT 

1 1 . Microsoft repeats and realleges paragraphs 1-5 of its Counterclaims as if 

fully restated herein. 

12. The '193 Patent, and each claim thereof, is invalid for failing to comply 
with the provisions of the Patent Laws, including one or more of 35 U.S.C. §§ 102, 103 and 1 12. 

13. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 

2 1 exists between Microsoft, on the : one han«t and InterTmst, on the other hand, with respect to 

22 whether the claims of the '193 Patent are valid or invalid. 

23 COUNT TV -DECLARATORY 

24 JUDGMENT OF INVALIDITY OF THE '504 PATENT 

25 14. MicrosofVrepeats and realleges paragraphs 1-5 of its Counterclaims as if 

26 j fully restated herein. 

15.. The *504 Patent, and each claim thereof, is invalid for failing to comply 
" 2 g Lh the provisions of the Patent Laws, including one or more of 35 U.S.C. §§ 102, 103 andU2. 

Ormck I DOCSSVI-.IMW6.1 Microsoft corporation' s First amq^ded answer 
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An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 


2 K exists between Microsoft, on the one handj 
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and InterTrust, on the other hand, with respect to 
whether the claims of the *504 Patent are valid or invalid. 


C6UM% - DECLARATORY 
JUDGMENT OF INVALIDITY OF THE '861 PATENT 


'CI 


17. Microsoft repeats afei realleges paragraphs 1-5 of its Counterclaims as if 

I i . 
i ! 

fully restated herein. • \ | 

18: The '861 Patent, and each claim thereof, is invalid for failing to comply 

i | 

with the provisions of the Patent Laws, iricjludinB one or more of 35 U.S.C. §§ 102, 103andll2, 

i " 

19. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 

and InterTrust, on the other hand, with respect to 


exists between Microsoft, on the one hand 
12 | whether the claims of the '861 Patent arcyalid or invalid. 
13 
14 


15 
16 
17 
18 
19 
20 
21 
22 


COUNT VI - DECLARATORY JUDGMENT 
Off UNENFORCEABILITY OF THE '8 61 PATENT 

20. Microsoft jepeats knd realleges paragraphs 1 -5 of its Counterclaims, as if 

fully restated herein. . ^ j. 

Claims 1-129 of thfe "861 Patent application (SN 08/805,804), and claims 


21. 


1-101 of the '861 Patent, were not.and are 1 not entitled to benefit of any application filing date 

j. ■ 

prior to February 25, 1997, under 35 USifX § 120 or otherwise. 

22. Exhibit A hereto isja reprint of an article entitled "Digibox: A Self- 
Protecting Container for Information Commerce." The article shown in Exhibit A (hereafter, 


1995 in the Proceedings of the First USENTX 


the Sibert article") was published in Jufy 

. • ;. Ij 

„, 1 Workshop on Electronic Commerce, j. 

23 II r . 1 1 

23 On information and belief, the content of pages 2-1 4 of Exhibit A was 

24 ; !• f 

25 1 presented at a public conference in the United States in July 1995. 
24. Exhibit B hereto is a copy of a page from an International Application 

published under the Patent Cooperation Treaty (PCT), bearing International Publication Number 
WO 96/27155. 


26 
27 
28 


ORMfK 


OOCSSVl:»«XJ96.l 


HE.RRINC.TOS 
& SiTCLifffi LLP 


Microsoft Corporation- s First amended answer 
-10- .^COUNTWCLAIMS. Case No. C 01-1640 SSA 


09/28/2001 09:23 FAX 415 394 0134 


KEKER & VAN NEST LLP 

". i; 


@012 


1 

2 

3 

4 

5 

6 

7 

8 

9 

10 

11 

12 

13 

14 

15 

16 

17 

18 

19 

20 

21 

22 

23 

24 

25 

26 

27 

28 

Orrick 
herringto^ 

& S'.TCS.iF?F LLP 


25. ' Ctaiaformati^andb^ 

all times since its filing date, been oWned Ijid controlled by InterTrust or its predecessors in 

!• > 
; i 

interest '! !' 

26. International ^cation WO 96/27155 (hereafter "the WO 967271 55 

(PCT) publication") was published on September 6, 1996. 

27. United States'-PatentW 5,910,987 ("the '987 Patent") issued on June 8, 
1999, from a continuation of an application filed on February 13, 1995. 

28. The Sibert article is prior art to claims 1-129 of the '861 Patent application 
(SN 08/805,804), and claims 1-101 |of the* '861 Patent, under 35 U.S.C. §§ 102(b), 103. 

29. The WO 96/27155i(PCT) publication is prior art to claims 1-129 of the 
•861 Patent application (SN 08/805^804) j and claims 1-101 of the '861 Patent, under 35 U.S.C §§ 

102(a), 103. J I 

30. The '987 Palent isipiior art to claims 29-129 of the '861 Patent application 

(SN 08/805,804), and claims l-lOljof th<:j'861 Patent, under 35 U.S.C. §§ 102(e), 103. 

31. The Sibert article yjas material to the patentability of claim 1 of the '861 

j ; 

Patent application (SN 08/805,804),. ; 

32. The Sibert article was material to the patentability of claims 2-129 of the 

I i 

•861 Patent application (SN 08/805,804)1; 

33. The WO 96/271 55 i(PCT) publication was material to the patentability of 
claim 1 of the '861 Patent application (SN 08/805,804). 

• i 

34 The WO 96Jj27 1551 (PCT) publication was material to the patentability of 

i; |i 

claims 2-129 of the *861 Patent appUcation (SN 08/805,804). 

35. The '987 Patent was material to the patentability of claims 29-129 of the 

«i j!' 

'861 Patent application (SN 08/805,804).; 

36. One or more of the '861 Patent applicants knew, while the '861 Pateni 
application (SN 08/805,804) was pending, of the July 1995 publication of the Sibert article. 

37. On information and belief, one or more of the '861 Patent applicants knew, 
while the '"861 Patent application (SN 08/805,804) was pending, of the September 1996 

DOC55V1:160096.1 MlCR0S OFT Corporation's F«ST amended Answer 
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ublication of the WO 96/27155 (PCT) publication 


38. One or more of the 
pplication (SN 08/805,804) was pending 

39. On information anc 


861 Patent applicants knew, while the '861 Patent 
of the June 8, 1999 issuance of the *987 patent 
belief, one or more of the attorneys who prosecuted or 
listed in prosecuting the '861 Patent application (SN 08/805,804) knew, while that application 
vas pending, of the July 1995 publication of the Sibert article. 

40. One or more of the attorneys who prosecuted or assisted in prosecuting the 
861 Patent application (SN 08/805,804) knew, while that application was pending, of the 
September 1996 publication of the WO 9 5/27155 (PCT) publication. 

41 . One or more of the attorneys who prosecuted or assisted in prosecuting the 
861 Patent application (SN 08/805,804) knew, while that application was pending, of the June 8, 
L999 issuance of the *987 patent. ; 

42. The applicants for the *861 Patent did not cite the Sibert article, the WO 
)6/27155 (PCT) publication, or the *987 Patent to the Patent Office as prior art to any of claims 1- 
1 29 of the *861 Patent application (SN 08/805,804). 

43. The applicants for the *861 Patent did not cite to the Patent Office as prior 
irt to any of claims 1-129 of the '861 Patent application (SN 08/805,804) any reference having 
the same or substantially the same disclosure as the Sibert article, the WO 96/27155 (PCT) 

publication, or the '987 Patent 

44. None of the Sibert article, the WO 96727155 (PCT) publication, or the *987 
Patent is merely cumulative over any reference cited as prior art during the prosecution of the 
'861 Patent application (SN 08/805,804). 

45. On information and belief, one or more of the '86 1 Patent applicants 
believed, during pendency of clainVl of the '861 Patent application (SN 08/805,804), that the 
Sibert article disclosed an embodiment of claim 1 of the '861 Patent application (SN 08/805,804). 

46. On information and belief, one or niore of the '861 Patent applicants 
believed, during pendency of claim 1 of the '861 Patent application (SN 08/805,804), that the 
WO 96/27155 (PCT) publication disclosed an embodiment of claim 1 of the '861 Patent 
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1 I application (SN 08/805,804). 
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47. On information and 


relief, one or more of the '861 Patent applicants 
believed, while the '861 Patent application^ 08/805,804) was pending, that the Sibert article 
was material to the patentability of claims 1-129 of the '861 Patent application (SN 08/805,804), 
but, with deceptive intent, failed to disclose that reference as prior art to the Patent Office. 

48. On information and belief, one or more of the '861 Patent applicants 
believed, while the '861 Patent application (SN 08/805,804) was pending, that the WO 96/27155 
(PCT) publication was material to the patLability of claims 1-129 of the '861 Patent application 
(SN 08/805,804), but, with deceptive intent, failed to disclose that reference as prior art to the 


10 I Patent Office. 


49. On information and belief, one or more of the '861 Patent applicants 

12 1 believed, while the '861 Patent applicatio i (SN 08/805,804) was pending, that the '987 Patent 

13 was material to the patentability of claims .29-129 of the '861 Patent application (SN 08/805,804), 

14 I but, with deceptive intent, failed to disclose that reference as prior art to the Patent Office. 


15 


50. The '861 Patent is unenforceable due to the inequitable conduct of the '861 

1 6 I Patent applicants before the Patent and Trademark Office in connection with the '861 Patent 

17 | application (SN 08/805,804). 

51. An actual controversy, within the meaning of 28 U.S.C. §§ 2201 and 2202, 

exists between Microsoft, on the one hanL and InterTrust, on the other hand, with respect to 

whether the claims of the '861 Patent are enforceable. 

COUNT jm ■ INFRINGEMENT 
OF II.S. PATENT NO. 6.049.671 

52. Microsoft repeats Ld realleges paragraphs 2-3 of its Counterclaims, as if 
fully restated herein. 

53 This Court has exclusive subject matter jurisdiction over Microsoft's cause 
of action for patent infringement under ijitle 28, United States Code, Sections 1331 and 1338, and 
under the patent laws of the United Stati, Title 35 of the United States Code. 


Orkick 


HARRINGTON 
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54. U.S. Patent No. 6,049,671 ("the '671 Patent") issued to Microsoft 

2 J Corporation as the assignee of Benjamin j. Slivka and Jeffrey S. Webber on April 1 1, 2000. 

3 „ 55. A true copy ofthe '(571 Patent is attached as Exhibit C hereto, and is 


4 1 incorporated herein by reference. 


5 

'6 
7 
8 
9 
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11 
12 
13 
14 
15 
16 
17 
18 
19 
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56. Microsoft owns all right, title and interest in the '671 Patent. 

ij 

57. InterTrust has had actual notice ofthe '671 Patent 

58. InterTrust has infringed one or more claims ofthe '671 Patent, in violation 

of at least 35 US.C. § 271(a, b, c). 

59. InterTrost's infringement ofthe '671 Patent has caused and will continue to 
cause Microsoft damage, including irreparable harm for which it has no adequate remedy at law. 

COUNT ym - INFRINGEMENT 
OF TI.S. PATENT NO. 6.256.668 


60. Microsoft repeats and realleges paragraphs 2-3 and 51 of its Counterclaims, 


j 

as if fully restated herein. |j 

61 . U.S. Patent No. 6,256,668 Bl ("the '668 Patent") issued to Microsoft 
Corporation as the assignee of BenjaminrW. Slivka and Jeffrey S. Webber on July 3, 2001. 

62 . A true copy of theji*668 Patent is attached as Exhibit D hereto, and is 
incorporated herein by reference. \< 


63. 
64. 
65. 


Microsoft owns all right, title and interest m the '668 Patent 

r 

InterTrust has hadjjactual notice of the *668 Patent. 


InterTrust hai infringed one or more claims ofthe '668 Patent in violation 

of at least 35 U.S.C. § 271(a, b, c). [ P 

66. InterTrust's infHnjgement of the '668 Patent has caused and will continue to 
cause Microsoft damage, including irrepjarable harm for which it has no adequate remedy at law. 

PR AVER FOR RELIEF 
WHEREFORE, Microsoft prays for the following relief: 
A. The Court enter judgment against InterTrust on, and dismiss with 
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prejudice, any and all claims of the Secondj Amended Complaint; 

B. The Coun enter jud pent declaring that Microsoft has not infringed, 
contributed to infringement of, or induced Infringement of the '683 Patent; 

C. The Court enter judgment declaring that Microsoft has not infringed, 

. i 

contributed to infringement of, or induced infringement of the '193 Patent; 

D. The Court enter juc pnent declaring that Microsoft has not infringed, 
contributed to infringement of, or mducedLfringement of the '504 Patent; 

E. . The Court enter judgment declaring that Microsoft has not infringed, 
contributed to infringement of, or induced: infringement of the '861 Patent; 

F. The Court enter judgment declaring that the '683 Patent is invalid; 

G. The Court enter julgment declaring that the * 1 93 Patent is invalid; 

H. The Court enter judgment declaring that the *504 Patent is invalid; 

L 
J. 

inequitable conduct; 

K. 
L. 
M. 


The Court enter julgment declaring that the '861 Patent is invalid; 
The Court enter ju Igment that the '861 Patent is unenforceable due to 


The Court enter ju Igment that InterTrust has infringed the '671 patent; 
The Court enter ju Igment mat InterTrust has infringed the '668 patent; 
A permanent injur ction prohibiting InterTrust, its officers, agents, servants, 
employees, and all persons in active, conejert or participation with them from infringing the '671 

and '668 Patents; j 

N. An award against jnteiTrust of damages and attorney fees, pursuant to the 

provisions of 35 U-S.C §§ 284, 285. 

O. An award to Micr isoft of prejudgment interest and the costs of this action. 
P. The Coun award i o Microsoft its reasonable costs and attorneys' fees; and 
Q. The Cotiit grant t< I Microsoft such other and further relief as may be 

deemed just and appropriate. 

/// 


HERR1NCT0N 

: LLP 
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3 I trial by jury. 

4 I DATED: September 17, 2001 
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Abstract 

Information Commerce is a business activity carried out among several parties in which information car- 
ries value and is treated as a product The information may be content, it may be returned usage and mar- 
keting data, and it may be representative of financial transactions- 

In each of these cases the information is valuable and must be kept secure and private. Traditional 
approaches secure the transmission of that information from one point to another; there are no persistent 
protections. Protection of all of these components of information commerce for all parties in a transaction 
value chain is necessary for a robust electronic infrastructure. 

A prerequisite to such an environment is a \ cryptographically protected container for pacte&ng 
information and controls that enforce information rights. This paper describes such a corUainen cf«* the 
DigiBox™. EPR has submitted initial specifications for the DigiBox container to the ANSI USP Electronic 
Publishing Task Force (EPUB) within the User/Content Provider Standards Working Group (WG4), 


1 Introduction 

As services and products in modem commerce 
increasingly take electronic form, traditional com- 
merce is evolving into electronic commerce. This 
includes both creation and enforcement of varicruS 
agreements between parties in an electronic com- 
mercial relationship. It also includes enforcing me 
rights of these parties with respect to the secure 
management of electronic content or services 
usage, billing, payment, and related activities. 

To save money, to be competitive, and to be effi- 
cient [J ,2], members of modem society will shortly 
bt using new information technology tools that 


truly support electronic commerce. These tools 
provide for the flow of products and services 
through creators', providers', and users* hands. 
They enable the creation, negotiation, and enforce- 
ment of electronic agreements, including the evo- 
lution of controls that manage both the use and 
consequences of use of electronic content or ser- 
vices. In addition, these tools support "evolving" 
agreements that progressively reflect the require- 
ments of further participants in a commercial 
model. 

Participants in electronic commerce [3,4] will need 
rules and mechanisms such that: 
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1 . Information providers can be assured thatlheir 
content is used only in authorized ways; 

2. Privacy rights of users of content are pre- 
served; and 

3. Diverse business models related to content can 
be electronically implemented. 

i 

The Internet and other information commerce 
infrastructures will require a management compo- 
nent that enforces such rules, ensuring a- safe, 
coherent, fair, and productive community. Tbis 
management component will be critical to the elec- 
tronic highway's acceptance. Without rules to pro- 
tect the rights of content providers and other 
electronic community members, the electronic 
highway will comprise nothing more than a collec- 
tion of limited, disconnected applications. 

Analysts have concluded that content will consti- 
tute the largest revenue-generating component of 
the information superhighway [5]. It is also clear 
that unfettered access to content requires that con- 
tent providers be able to maintain control oyer lit- 
erary or copyrighted assets. Many analysts 
conclude that this will be one of the key bottle- 
necks in the implementation and deployment of 
New Media, i 


requires a substantial manufacturing investment 
Figure 1 illustrates a simplified traditional informa- 
tion economy*, physical goods flow from a pub- 
lisher (manufacturer) to a customer, in response to 
orders and followed by payments. The author's 
relationship with the publisher may be more light- 
weight, but the author is nonetheless dependent on 
the publisher to report sales and make royalty pay- 
ments in accordance with the author's contract In 
addition, a financial institution provides payment 
processing and clearing services for all parties. 


Financial 
Institution 



2 Information Commerce and Digital 
Value Chains 

Information commerce is often considered' a 
wholly new concept, made possible only through 
the use of networks and computers* In fact;' a 
robust information economy has existed forjecntu- 
ries, involving trafficking in physical representa- 
tions of information such as books, newspapers, 
and so on. Because such commerce involvesiphxsi- 
cal goods, there is a non-negligible floor to the cost 
of handling information goods. The new aspects jof 
the electronic information economy are that the 
information itself is the entire product and that jthe 
product can be distributed at negligible marginal 
cost. 

The traditional information economy in physical 
goods is publisher-centric, because creation* of 
information goods-^particularly low-cost goods- 


Figure 1 . Traditional information economy. 

Because of the flexibility afforded by electronic 
mechanisms, information commerce is evolving 
from indirect advertiser-supported, mass-audi- 
ence media to a new, niche-audience-oriented busi- 
ness modeL In this system, members of the 
electronic community, with. or without the eco- 
nomic support of advertising, pay providers 
directly for what they want to receive. Business-to- 
business purchasing is steadily evolving into a 
direct electronic ordering model. 

Figure 2 illustrates the flexibility possible in new 
electronic information commerce models. 
Although there is still a role for publishers, this 
role no longer involves physical goods. Rather, the 
publisher is responsible for packaging and aggre- 
gating information goods and control information, 
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then making them available to customers. Similar 
to a manufacturmg/cKstribution/retail chain for 
physical goods, the electronic model permits infor- 
mation retailers, and even end customers, to re- 
package and redistribute different aggregations .of 
information while ensuring that the appropriate 
control nUes are maintained. A clearinghouse 
ensures that usage information and payments are 
provided directly to authors and publishers; tiic 
payments themselves are made through traditional 
financial institutions. Because control rules are 
associated with information, a variety of payment 
and other business models can be associated with 
the same content (e.g n purchase versus pay-per- 
use). 


2 J Protecting All the Information in 
Information Commerce 

The very properties that make "the net** attractive 
as a distribution medium — ease of manipulating 
information in electronic form— also appear to 
make these protections'mtractable. Addressing mis 
dichotomy requires a paradigm shift in computer 
architecture to introduce the concept of a "secure 
processing" environment in which protected infor- 
mation can be manipulated without being subject 
to external tampering or disclosure. A prerequisite 
to such an environment is a eryptographicalry pro- 
tected "container** for seamlessly packaging infor- 
mation and controls mat enforce information use 
rights. 


Author 


Creates 



Fin ootid 
Institution 


0 


Publisher 
Distribute 



Content 


Aggregated Payment, 
Usage Information; 


lymcnt m '! 
Authorization* 


Clearinghouse 


^Content 



Customer 

Extracted 

Customer 

Pays per Use 

ContenT 

Purchases 


Contrail 



Content 


Redistributes 



Payments; 
U«gc kepbru 


Figure 2. Electronic information economy. 


The conversion from traditional commercial distri- 
bution channels requires key foundation technolo- 
gies and re$ults in a fundamental shift in existing 
mfrastrucmres. This channel transformation jyill 
create a new electronic digital distribution industry. 
Digital distribution employing the DigiBox con- 
tainer architecture and its associated support envi- 
ronment, lnterTrust™, can play a critical role in 
this transformation of the communication, mejUa, 
and information technology markets. 


The DigiBox described by this paper is such a con- 
tainer. 

The need for various information commerce com- 
puters and appliances to mteroperate requires mat 
this container format and its access methods be 
standardized. EPR has submitted initial specifica- 
tions for the DigiBox container to the American 
National Standards Institute (ANSI) Information 
Infrastructure Standards Panel (US?) through the 
Electronic Publishing Task Force (EPUB) in the 
User/Content Provider Standards Working Group 
(WG4). 

The primary goal of information protection is to 
permit proprietors of digital information (i.e., the 
artists, writers, distributors, packagers, market 
researchers, etc.) to have the same type and degree 
of control present in the "paper world-" Because 
digital information is intangible and easily dupli- 
cated, those rights are difficult to enforce with con- 
ventional information processing technology. 
Many types of rights (compensation, distribution, 
modification, etc.) are associated with the various 
elements of information commerce, and these 
information property rights take many forms. At a 
high level, there is the legal definition of "copy- 
right/* codified in U.S. law [6-9] and the Berne 
Convention. This gives copyright holders a legal 
right to control bow copyrighted infbnnation is 
handled. In addition, various high-level rights are 
conferred by contractual arrangements between 
primary rightsholders and other parties. 
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For example, the protections needed for content 
elements incorporate the licensing provisions for 
the intellectual property rights of the content right- 
scolders. In a broader sense, these rights include 
control over several activities: the right to be com- 
pensated for use of the property; the right to con- 
trol how content is distributed; the right to prevent 
modification of content by a distributor, "fair use" 
rights; the rights to the usage data, privacy rights bf 
individuals, and so on. ;j 

:l 

In the realm of physical goods, these rights are 
enforced by a combination of legal and technical 
means. However, the technical means can be (arid 
are) unsophisticated because the technology for 
violating rights is relatively expensive and tinte- 
consuming— in comparison to equivalent activities 
with respect to digital information. Photocopying a 
book or copying a video cassette is inherently mqSre 
labor intensive and costly than copying a file: Sjo, 
while defeating technical means of eriforcementjis 
(relatively) expensive, it can be done — and often 
the legal means to deter this are inadequate. . ( 

'i 

2,2 Information Commerce — Not Just n 
Payment ': 

Rights protection is also a fundamental aspect jof 
commerce. Commerce is not just a way for two 
parties to pay each other for something. Rather; it 
is an extraordinarily rich web of relationships 
among parties that concerns payment, negotiation, 
control, advertising, reporting, auditing, and a vari- 
ety of other activities. These activities are impor- 
tant aspects of the transaction relationships. Often 
the information carried in these reports, audits^ fiend 
the like is highly valuable and highly confidential, 
perhaps even more valuable than the content that is 
the subject of the information commerce at hajncL 
These activities too are performed and controlled 
in the "paper world" by legal and technical means, 
but there are no widely used models for their elec- 
tronic equivalents. t i 

Figure 3 shows some of the operations that could 
occur in true electronic commerce, using the Inter- 
net World-Wide Web [10] mechanisms as an exam- 
ple. Creators originate content and apply rules 
(e.g., "pay author Sl.OO/use") for its use. Distribu- 
tois'tep^cfoige content, applying additional rules 


(e.g^ "pay $5.00 fox the collection, then pay the 
creator" "report use of each item"). Users receive 
content and operate on it, generating billing reports 
and usage reports mat are delivered to a clearing- 
house and paid or summarized back for the origv 
. naring parties. This structure is very rich and is 
capable of supporting many business models. 
There are multiple flows of mfbnnation in many 
different directions amongst the parties involved in 
the transactions. 

Another example is that of an advertiser (acting as 
distributor, or with a distributor). The advertiser 
might have a rule mat offers a discount, or no 
charge at all, but only if the user views the adver- 
tisement and agrees to have that fact reported to the 
advertiser. 

It is relatively simple to devise schemes for parties 
to pay each other electronically (for example, Digi- 
Cash [11], NetBill [12], Open Market [13], SKPP 
[14], NetGhcque [15], First Virtual [16], etc.). Pay- 
ment, however, constitutes only one — and perhaps 
the simplest one — of the means m which parties in 
commerce interact All the other information com- 
merce components must be accomplished with the 
same needs for security, privacy, and integrity. In 
fact, these aspects of electronic commerce, includ- 
ing rights protection, are strongly intertwined in 
the digital economy, because much digital com- 
merce concerns information and innovative busi- 
ness models for information commerce. 

3 Existing Approaches to Information 
Commerce 

Information proprietors employ a variety of tech- 
nological protection approaches today. These 
approaches are generally "point solutions," in that 
they protect a specific type of property in a specific 
context and enforce only specifically defined 
rights — typically only the right to compensation 
for use. Because the technologies are limited, the 
market is fragmented, and there are no general pro- 
tection solutions.' . 
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Figure 3. Muhi-paity Internet information commerce. 


3.1 No Protection 


I 



DigiBox- 
Aware 
Browser 


Users 


Much digital property is distributed without any 
technological enforcement for property rights, on 
the assumption that legal means suffice. This 
approach works well enough for many low-value 
properties, but it has the disadvantage of raising the 
price to legitimate users who must pay for both 


their own and illegitimate use. In many cases, how- 
ever, this cost is negligible, and no protection is an 
economically sound choice. Even for content that 
is free, however, a creator may wish to impose 
some rules for reporting or some access control. Of 
course, privacy rights of users will be a concern to 
many. 


!. 1 
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3 J license Managers 

For some valuable software properties, license 
managers are used. Because a software property is 
dynamic (executable), it is feasible to restrict it so 
that it functions properly only through interaction 
with a license manager process. In general, there is 
no protection of usage data in these schemes. In 
some cases this technique has been applied to con- 
tent protection, but only with limited success [llj, 
18]. 

3,3 Cryptographic Unlock 

Some static properties (fonts, for example; also 
some installable software) are protected by a sim- 
ple "unlock" scheme: a purchaser makes a pur- 
chase, for example by telephone with a credit carl, 
and receives a cryptographic key in return. This 
key can then be used to "unlock" one property 
from some widely distributed medium (e.g n CD- 
ROM or network download). This mechanism jis 
relatively inflexible, and its inherently manual 
nature makes it expensive. I 


3.4 Billing Schemes J 

} 

Various billing schemes (as mentioned above) per- 
mit purchase of information following what 4s 
essentially an electronic check ot electronic credit 
draft model. These methods are suitable for con- 
ventional transactions, but not for the . enormous 
volumes of (individually) very low-value transac- 
tions that would be generated using a complex dig- 
ital property. 

3.5 Secured Delivery 

Various secured delivery systems (e.g., SSL [19], 
SHTTP [20]) share the same problems as crypto- 
graphic unlock, but in a network context They are 
only point-to-point solutions, with the mformauon 
(content, usage data, etc,) at each site being left 
unprotected once the delivery has occurred Fur- 
thermore, they are inherently online systems: it is 
not practical to decouple the delivery of informa- 
tion firom payment for its use. 


4 : Information Protection Architecture: 
' .Interlrnst and DigiBox 

EPR has produced the InterTrust Virtual Distribu- 
tion Architecture to solve unmet, critical needs of 
electronic commerce. Almost any imaginable 
information transaction can be supported by Inter- 
Trust A few examples include distribution of con- 
tent (eg., text, video, audio) over networks, 
selective release of data from a database, con- 
trolled release of sensitive information, and so on. 
InterTrust can also support the secure communica- 
tion of private information such as EDI and elec- 
tronic financial transactions, as well as delivery of 
the- "back channel" marketing and usage data 
resulting from transactions. 

DigiBox is a foundation technology within Inter- 
Trust It provides a secure container to package 
information so that the information cannot be used 
except as provided by the rules and controls associ- 
ated with the content InterTrust rules and controls 
specify what types of content usage are permitted, 
as well as the consequences of usage such as 
reporting and payment 

Within InterTrust, DigiBox containers can enforce 
a 1 "distributed electronic contract" for value-chain 
activities functioning within an electronic distribu- 
tion environment This unique approach underlies 
EPR's information metering and digital rights pro- 
tection technology. Electronic commerce infra- 
structure participants can use InterTrust to 
substantially enhance their network, security, or 
payment method solutions. 

The DigiBox is a container for both digital prop- 
erty (content) and controls. It is used in conjunc- 
tion with a locally secured rights protection 
application (discussed further below) to make con- 
tent available as governed by arbitrarily flexible 
controls, 
i , 

The DigiBox container mechanism is implemented 
in! a set of platform-independent class libraries that 
provide access to objects in the container and 
extensions to OpenDoc and OLE object technolo- 
gies. DigiBox allows rights management compo- 
nents to be integrated with content in highly 
flexible and configurable control structures. Dig)- 
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Box tights management components can be inte- 
grated with content in a single deliverable, or some 
or all of the components can be delivered indepen- 
dently. DigiBox rights management component^ 
enable true superdHstribution [21] and can supp'ortj 
virtually any network topology and any number of 
participants, including distributors, redistribntorsj 
information retailers, corporate content users, and 
consumers. 

4.1 Content 

The digital information in a DigiBox (one or more 
'"properties") is information in any form. It may be 
mapped to a specific compound object format (e.g.j 
OpenDoc, OLE, PDF), or may be application sper 

cific. I 

* 
1 

Further, it may be delivered in stream or other 
communication-oriented forms, not just in a file: 
like container. j 

4.2 Controls [ 

Controls specify rules and consequences for opera 
tions on content Controls are also delivered in 
DigiBox, and the controls for a property may b£ 
delivered either with the property or independent) 
Controls arc tied to properties by crypto graph? 
means. 

Because controls can be delivered with propertie 
in a container, the DigiBox supports Buperdistrib^ 
tion. 


4.3 Commerce 

Commerce takes place governed by controls, 
may involve metering, billing for use, reporting tff 
usage, and so on. These operations take plade 
locally in a secure environment, and they generate 
audit trails and reports mat must be reported 
odicaliy to clearinghouses. 

i 

5 DigiBox Implementation 

The DigiBox is a structure that can hold, in a pro- 
tected manner, information commerce elements of 
all tauds*. content, usage information, representa- 


tion of financial transactions (e.g., electronic cash), 
and! other digital elements of information com- 
merce. 

| 

5.1 i Container Logical Structure 

i • 

Figjire 4 shows the logical structure of properties 
and' control sets in two containers. Container C x 
holis'two properties, P, and P 2 , and one control set, 
CSj, ihat applies to property P|; container Cj con- 
tains two control sets and no properties. As shown 
in the example, each of these elements .has a title 
attribute to provide a human-readable description 
of the element and, for control sets, an attribute 
indicating to what other elements the control set 
applies. 

A control set specifies rules and consequences, 
such as pricing, reporting, and so on, for the prop- 
erties to which h applies. A user holding just this 
container could use (e.g., view, print) content from 
Pj-Lihough only as specified by CS,. Because 
there is no control set applying to P 2 in that con- 
tainer, P 2 would not be usable in any way, 

i; 

A user holding both containers could use property 
pj as specified by CS 2 , and in addition has the 
choice of whether to designate CSi or CS 3 when 
using P,. CS,, which describes itself as "discount," 
is likely to be the user's preferred choice, 
i , 

The DigiBox includes several elements: organiza- 
tional structures, properties, controls, and support- 
ing data items. Almost all the information in a 
D&Box is encrypted, as described below, and 
access to the encrypted form is provided through a 
storage manager as appropriate, depending on how 
the DigiBox is delivered (eg., as a file or as a data 
stream). 

:| 

5£ Container Physical Structure 

Ffeure 5 is a schematic picture illustrating the 
physical structure of a DigiBox container. (Some 
elements have been omitted for clarity.) It begins 
with a container header structure containing 
descriptive and organizational information about 
ttie container. Part of the container header is 
encrypted (both for secrecy and for integrity pro- 
tection); .the rest is public organizational informa- 


i 

i 
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Control Set 
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Applies to = Pj 


Title = regular 


Property 
P2 


Title = elephant 


Container Ci 


Figure 4. Container logical structure. 


tion. The header is followed by additional 
container-wide structures such as the transport key 
block (TKB) and the container table of contends 
(TOQt some of which arc encrypted and others 
not. 

These organizational elements are followed by the 
structures defining the container's content (e.g., 
properties and control sets). As shown in the fig- 
ure, a property is represented by a property header, 
property attributes, and data blocks composing the 
property. As shown, the header is encrypted and 


i 


• Control Set 
CS 3 


Applies to = Pj 


Title = discount 


Control Set 
CSj 


Applies to = P 2 


Title = discount 


Container C 2 


! 


the attributes are not; the data blocks may be 
wholly or partly encrypted, or not at all, depending 
on security requirements. 

i ■ ■ 

The figure shows an example property consisting 
of a j multimedia property formed from a pair of 
synchronized data streams for audio and video. In 
this 'example, each video block is mostly unen- 
crypted so that access can be rapid while still main- 
taining reasonable security — encrypting even 10 
percent of an MPEG stream tenders it effectively 
useless for illicit copying. On the other hand, the 
audio is entirely encrypted, and each audio block 
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Shading indicates encryption: 

<- Unencrypted 
<- Encrypted by Key 1 
^- Encrypted by Key 2 


Figure 5. Container physical format. 


uses four distinct keys, because the content propr - 
dor requires much, stronger security for audio tha i 
for video. 

A property is represented as one or more properly 
sections, each of which is independently associate i 
with control information, and which may also b e 
stored and accessed independently. A property, f< r 
example, might be a collection of clip-art image ^ 
and each image might be a property "chunk," wil h 
its own control specifying how that image's creator 
is compensated. 


Controls can map to property chunks at arbitrary 
granularity and can enforce arbitrary organiza- 
tional structures within the property (such as a file 
hierarchy). Controls can apply to individual bytes, 


frames of a movie, segments of a musical piece, 
add so on, because the mapping is performed by a 
control process specified by the control structure, 
not simply via a table-driven data structure, 

, Cryptographic Techniques 

Ijhej • high-level elements in a DigiBox are 
encrypted with a transport key that is normally 
djeriyed (by exclusive OR) from two parts: one that 
isTdeKvered in the DigiBox itself, encrypted with a 
pjoblic key algorithm, and the other that is stored in 
protected storage locally. The locally stored part is 
sfi axed among all the local nodes capable of pro- 
cessing that DigiBox, but the part in the DigiBox is 
unique. This separation provides protection against 
accidental or malicious disclosure of either part 
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Figure 6- Container transport security. 


Figure 6 illustrates how the transport key (TK) is 
derived. The transport key block (TKB) contains 
one or more slots, each of which contains a partial 


I. 


transport key encrypted under a different transport 
k'ey encrypting key (TKEK). Each TKB slot identi- 
fies the TKEK used, and a matching TKEK is 
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selected from local protected storage. Decrypting 
the slot yields a partial TK, which is combined 
with its corresponding partial TK again fronx^ro- 
tected local storage to yield the actual TK for 
decrypting the container header. 

i 
ii 

The data for the property itself is encrypted s witb 
other keys ("content keys") that are themselves; 
delivered in encrypted high-level structures} this 
approach permits the keys for a property to be 
delivered entirely separately from the property en? 
its controls. Multiple keys, in a wide variety of 
key-mapping schemes, are used to encrypt the 
data, limiting the loss that would occur from dis T 
closure of any one key. j 

I 

All DigiBox control structures are both encrypted 
and verified for integrity with a cryptographic hash 
function. Several cryptographic .algorithms are 
supported for these control structures (principally 
for export control reasons), and arbitrary ! algo- 
rithms are supported for encryption of the data. 


5.4 Security Characteristics * 

The DigiBox cryptographic structures are designed 
to be secure even in the face of loss of mdrvidiiffl 
key components, and to minimize the damage in 
case a key or processing environment is compro- 
mised. The system is designed to provide commer- 
cially acceptable risks and losses for a variety of 
business models. I 

; i 

The basic algorithms are strong: Triple DIsS [22] 
and RSA [23] are preferred. This security, is, of 
course, only as strong as the tamper-resistance of 
the local processing environment The prtfeired 
implementation of DigiBox processing relies on|a 
"secure processing unit" (SPU) that contains ja 
CPU, memory, program storage, and key storage in 
a single tamper-resistant hardware packagjt. 
Although these are not widely available tod>y, the 
variety of applications they might support makesjit 
likely thai such SPUs will become widely inte- 
grated into common computing platforms. When 
nmning in an SPU, the DigiBox processing and 
control mechanisms are* sufficiently well protected 
to support most commerce applications. 


In he absence of an SPU, other approaches are 
useful for many business models. In fact, a soft- 
waie-onry implementation is sufficient for many 
apt locations, because much content is of relatively • 
lov value and is used in a context (business to 
bus iness) where a modest level of fraud is both less 
likely and more tolerable. As long as the software 
is Moderately difficult to defeat and tools to defeat 
it t ave no legitimate purpose, business models can 
be supported where some risk of loss is acceptable. 
In he world of electronic commerce, just as for tra- 
dit onal commerce, security is not absolute: it is 
just a factor to balance against the cost of loss and 
fraud. 


Conclusions 

„ DigiBox is one component of a general-pur- 
jse electronic commerce solution that rests on 
basic principles; rights protection, interopera- 
r, and strong security. 
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Tie 
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Electronic commerce, and information commerce 
in particular, needs a robust information protection 
litchanism, including rights protection and con- 
trols, not just payment systems. As the electronic 
winid evolves, however, and moves forward from 
siinply emulating traditional transactions into 
ei nxely new business models, rights protection and 
cc ntrol will become the predominant issues. 

Protection of intellectual property rights in infor- 
mation requires strong cryptography as well as a 
fliixible infrastructure for controlling use of the 
information. A standard protected container for 
information is necessary to support interoperabfl- 
it; f' — most existing schemes tightly bind the creator 
'protected information and the software that pro- 
cesses it A standard container can rationalize 
ii formation commerce and reduce costs for all par- 
ti ;ipgnts. 

ii the long term, general-purpose secure electronic 
commerce will need pervasive deployment of 
■resistant hardware devices to perform 
„ _ processing of protected content However, 
as these solutions are developed, many business 
models can be accommodated with weaker or less 
complete solutions because the risk and expected 
losses are commercially acceptable. 


umper-i 
secure 
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Business-to-business purchasing is steadily evolv- 
ing into a direct electnmic ordering modeL Future 
communications and media markets will become 
increasingly segmented and, specialized! r m 
response to customer preferences and needs and 
involve increasing, and more sophisticated, direct 
interaction between consumers and providers 
These markets and their value chains (with or with 
out intermediary distributors) will require secure 
metering and control tools that enable a user to 
efficiently and economically tailor resources ip'fo 
or her own desires. 

During the next decade, digital delivery of tradiq 
tional electronic products, such as infonnatiprj 
databases and software, will be joined by a rapidl) 
growing array of both New Media and electron^ 
cally distributed traditional content The cqnver| 
sion from traditional models requires! ^ 
foundation technologies and will result in a fiindat 
mental shift in current infrastructure. This transforj 
mation will create a new distribution industry! 
Digital distribution employing *a universal content 
and commerce container can play a critical role in 
this broad economic transformation. 1 j 
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